Privacy Policy

GDPR – Privacy Policy

Last updated June 2018

Your rights, your information and how we use it
We are committed to protecting your personal and business information.
Our Privacy Policy contains information about what details we collect, request and hold, what we do with this information, who we may share it with and why, and your rights regarding the information you have given us.

Who we are
We are Osprey Hospitality Group Ltd and this Privacy Policy applies to the following:
• Galloping Horse Ltd – Public house
• Osprey Management Group Ltd – Operators pubs, bars and restaurants

How to contact us

If you have any questions regarding our Privacy Policy or the information we collect or use about you or your business, please contact:

Information we collect and use
Employees
• Information about who you are e.g. your name, date of birth and contact details
• Information about your bank account
• Information we may receive from HM Revenue & Customs
• Information about your contact with us e.g. meetings, phone calls and emails
• Information classed as ‘sensitive’ personal information e.g. relating to your health or marital status
• Information you may provide us about other people e.g. next of kin,

Customers
• Information about who you are e.g. your name, contact details
• Information about your contact with us e.g. meetings, phone calls and emails

Where we collect your information

We may collect/obtain information directly from you, and from a variety of sources, including:
Employees only
• Information obtained during first initial interview and subsequent employment
• Information requested/handed in from you e.g. accounting information, correspondence from HM Revenue & Customs,
• Phone conversations with us and emails
• Directly from HM Revenue & Customs in respect of you PAYE and national insurance affairs

Who we may share your information with

We may share your information between the different organisations within our company and the following only when we have received specific agreement from you

• HM Revenue & Customs
• Your pension provider
• Other third parties only when a specific request or authorisation is provided by you

Where your information is processed

All of your personal information is processed in the UK.

How we protect your information

We take information and system security very seriously and we strive to comply with our obligations at all times. Any information which is collected, recorded or used in any way, whether paper based, or electronic, will have appropriate safeguards applied in line with our data protection obligations.

How long we keep your information

We will keep your personal information only whilst employed by us and the subsequent period thereafter as defined in UK employment law.
We may also keep your information after this period to comply with our legal or regulatory obligations e.g. Company statutory records

Your individual rights

You have several rights in relation to how we use your information. They are:

• Right to be informed. You have a right to receive clear and easy to understand information on what personal information we have, why and who we have it with – we do this in our Privacy Policy
• Right of access. You have the right of access to your personal and information. If you wish to receive a copy of the personal information we hold on you, you may make a data subject access request (DSAR)
• Right to request that your personal information be rectified. If your personal information is inaccurate or incomplete, you can request that it is corrected
• Right to request erasure. You can ask for you information to be deleted or removed if there is not a compelling reason for us to continue to hold it
• Right to restrict processing. You can ask that we block or suppress the processing of your information. This means that we are still permitted to keep your information, but unable to use this in the future for those reasons you have restricted
• Right to object. You can object to us processing your information e.g. for direct marketing purposes